hxxps://gzrggphecdcpkdatowpedlesdfjckszykximha7ib4b3kine-ipfs-dweb-link[.]translate[.]goog/mmc[.]html?_x_tr_hp=bafybeiaan2&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp#abc[.]xyz@hitachi-powergrids[.]com

General

Target

https://gzrggphecdcpkdatowpedlesdfjckszykximha7ib4b3kine-ipfs-dweb-link.translate.goog/mmc.html?_x_tr_hp=bafybeiaan2&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp#[email protected]

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133237529429804732"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

4600 chrome.exe
4600 chrome.exe
4832 chrome.exe
4832 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

chrome.exe

pid process

4600 chrome.exe
4600 chrome.exe
4600 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe
Token: SeShutdownPrivilege	4600	chrome.exe
Token: SeCreatePagefilePrivilege	4600	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe
4600	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4600 wrote to memory of 2296	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 2296	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1964	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1816	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 1816	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe
PID 4600 wrote to memory of 4752	4600	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://gzrggphecdcpkdatowpedlesdfjckszykximha7ib4b3kine-ipfs-dweb-link.translate.goog/mmc.html?_x_tr_hp=bafybeiaan2&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp#[email protected]
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4600

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffad7c39758,0x7ffad7c39768,0x7ffad7c39778
2⤵
PID:2296

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:2
2⤵
PID:1964

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:8
2⤵
PID:1816

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:8
2⤵
PID:4752

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3192 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:1
2⤵
PID:2724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3200 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:1
2⤵
PID:1492

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4448 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:1
2⤵
PID:4968

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3668 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:8
2⤵
PID:3328

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:8
2⤵
PID:3132

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5284 --field-trial-handle=1848,i,15489181515791613143,3905465477925858705,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4832

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3320

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
e90e819cdf0bd2453e3c12110ff1e622

SHA1
db6f2388905efa912011dd83f1477c2d1afaaaf5

SHA256
8096caba80c968c43ec2d38ac3d03413cb7417d188485e2d920d6518023210a7

SHA512
02163e1c6b463399b1a43674629aaff4d58d83515c8746b303190e6ca4aa84fea2ed252f6d0ba7495016c0a1f38582770e115c4d9775d06e1e784c0249c5dded

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
283ca0829c109aace84459f7b8c5e33b

SHA1
4d0f55b4fb0407f4d9474318c38c305bfb8acff8

SHA256
017ed7b4460390a5db9c3b9dd65229ef49e9ce48117cdc23e2d29a6001d540d5

SHA512
7e7c80405e4922116acfba59a6077080dd440f44ef40412c14e49d1ddcff272a8ce86c7801356792b9a3c633ddee57a2ff87ea166204ac09822e7cf8e8b5df81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
7d6f1a0e499ea24e1f1537564b696b00

SHA1
193f7598c950c0e7cadec828601afacabcc6206f

SHA256
77ad80c9b766674707dd3eaf016c6c20f4ce1162f9c81a324a451b87cc8140c4

SHA512
09e8d08e9cf6a78def4f871e7811785c607e273bd1795cc16ee1c4a2e65e8d79e392d944478c451584d544c0127342a706d19eb948981be45aceefdb117defc9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
cb215fe0e944ab8659c7ad1bcb714131

SHA1
7353f7b1529e63da5dc3ac7b478ec56b4a792a7b

SHA256
1dc12ecee63ed216060d40debecadd30b80458c46932b98dc2a5216119af43f2

SHA512
c6e60afc06f743fa20d3ba204f2168d2239e9d6a7b1839f976b552937a2176d7d621cf903d77942329312f3cef63d75610d5e6394d18e7d32dc2cc3a8e17314c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
07c12ca771441bfcfd77d5a0b90f5f3c

SHA1
596e38e5e204545a80a5055ea9bab8baa6a98060

SHA256
b1bdec12b1431b6bba5e93b150ba0dcef72a1ccdabd7f5d3c2bdd9673ffc24ab

SHA512
1ba5d5e18058cb5c69088638353b6a255601732ddb16877032810722ae5f48c4c04a8b4435aa275662fd286c2d9e2507dc0fb96980c9440f7b7c6c27375c996f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
4d88560a9020cd3c6a278a9d6437db30

SHA1
20b0a24ec0291c4f7ebbd32cfbc2b771f35fba86

SHA256
7e9430394fdc2d79c6771359c72aefb0ccb49cdf734cdba7acdf426fdc8ff2fb

SHA512
c375bdac3ddab75974527884c1eabc91e56e3107378ee2d1349b00436a150c4122e1a62a7dc4a98bc4cb39f84d5a719bb853deacb78b858568be9db60e7ce3a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
12088195b2ad020ba48cdd2b28d8f98a

SHA1
81d74b13d6d489147a9d1436a413d6b0765ec76c

SHA256
7da6e8d8f31d7654e5c5399c3c30902ccb07454770f4ff516e9016632c333057

SHA512
971b740c14f4aacfec86c7a341fd5cf76c49a034e0c4bd8d66e465a9998dfba04071d2838c31d59c78aa9a06724f4c4edf198418744eed1efbe2ea1f7e126536

Download Submit
\??\pipe\crashpad_4600_NTOAVJGNLGCYLKWL

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads